0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Mobile Deauthentication Attacks
By: angelawood
July 13, 2019

TL;DR: Deauthentication attacks have been around for a long time, and new techniques for altering wireless network connections have developed around new technologies. Mobile apps with working de-authentication protocols are easily accessible on the marketplace, and more devices and systems rely on internet connections to function. This section explores de-authentication attacks, their context in new ...

Pricing a Vulnerability Assessment
By: thorlacher2322
July 11, 2019

Penetration testing and vulnerability assessment are an essential step in securing an organization’s communications networks. In some cases, such as hospitals and other public facilities, vulnerability assessments are required by law. How much can one expect to pay or bill for a vulnerability assessment? This depends on several factors, but there are ways to estimate the ...

Notorious Hacking Groups of the 21st Century
By: lpark
July 9, 2019

TL;DR: Coordinated hacking groups carry out some of the most visible attacks in the cybersecurity industry. No matter their motivations, hacking groups can gain notoriety and exposure from their works. This section looks at some of the most notorious hacking groups in recent years, what they did, and why they did it. The cultural component ...

Get to Know Your Instructor: Kitt Parker
By: lpark
July 9, 2019

onethird] [/onethird Fun Facts About Kitt! What course do you teach? Introduction to SQL What is an interesting fact about you? I enjoy building personal computers and servers with hardware pieces. I then overclock them to push their limits. ...

Current Threats in Ransomware
By: Mike G.
July 7, 2019

Ransomware “Growth” Ransomware attacks have gained prominence in recent times, and industries and governments across the world have implemented policies and advisories to counter the threat. The attack involves a malicious program that holds user or organizational data for “ransom” in exchange for payment. The payment is often made anonymously through digital currencies. In order to ...

Clickjacking
By: lpark
July 5, 2019

Clickjacking techniques involve convincing the user to click on something that they did not intend to click. This approach is often used to spread malware or gain unauthorized control of devices. This section explains the history of clickjacking, its many evolutions throughout the history of the web, and best practices for preventing clickjacking attacks. Clickjacking attacks ...

Are We Doing Our Part to Reduce Risk Properly?
By: robsmith2
July 3, 2019

The hardest part of any security professionals’ job, cyber or otherwise, tends to be dealing, in some cases, with a limit budget and management group that does not fully comprehend the value that the security professional’s role plays in the organization. Many smaller organizations with funding restrictions often view Cyber Security practices as a constraint on ...

Get to Know Your Instructor: Abdulrahman Alnaim
By: SLWelty
July 2, 2019

onethird] [/onethird Fun Facts About Abdulrahman! What course do you teach? Cybersecurity Kill Chain™ What is an interesting fact about you? I love and enjoy the marine life and stay close to it as much as I can. For ...

Securing Your Network against Passive Reconnaissance
By: kenunderhill
July 2, 2019

Passive reconnaissance is an important tool for penetration testing and the beginning point of many data breaches. The process involves gathering available public information that could be used to compromise the organization. This section explores passive reconnaissance, how it applies to compromise networks, and how an organization can protect themselves from passive reconnaissance. Passive reconnaissance is a key ...

Hitting Revenue Goals: The ROI for Your Team’s Training
By: lpark
July 1, 2019

Updated October 2019 It is important to provide training for organization members to help achieve revenue goals, with a positive return on investment (ROI) for the team’s training. The revenue goals are important for an organization because it drives profits for the team, creates revenue for its stakeholders, and allows the business to continue offering the service. By ...